Friday, January 23, 2009

Internet Connection Sharing with Windows XP

Internet Connection Sharing with Windows XP



Windows XP Professional and Home Edition come with two great services, Internet Connection Sharing (ICS) and Internet Connection Firewall (ICF). ICS and ICF allow a home user to share an always-on connection with security and without buying a license for expensive firewall software. Even a dial-up link can benefit from ICS and ICF, providing network address translation, addressing, and name resolution services for all the computers on your network plus security.

Setting Up Internet Connection Sharing

You will need to designate a Windows XP computer as the host. This computer must have two network adapters, one for your internal network and one for the Internet connection. Before attempting to enable ICS, verify that the host computer has a working connection to the Internet through the network card connected to the cable modem or DSL line, or on the network connection associated with the modem. The easiest way to enable ICS is to use the Network Setup Wizard, by following these steps:

1.

Click Start, point to All Programs, point to Accessories, point to Communications, and then click Network Setup Wizard.

2.

Click Next until you see the Select a connection method screen.

3.

Click This computer connects directly to the Internet, and complete the wizard to install ICS.

This method has several advantages in that the wizard automatically detects the connection to the Internet, configures Internet Connection Firewall (ICF), bridges multiple network adapters connected to your home network and creates a log of information about the configuration named nsw.log in the Windows folder.

Turning on ICS manually is almost as easy as using the wizard except that you need to create the bridge for multiple network cards before enabling ICS. (See an earlier column, Building Network Bridges for more information on how to use the bridging capability in Windows XP.) Then take these steps:

1.

In Control Panel, click Network and Internet Connections and then click Network Connections.

2.

Click the local area network (LAN) connection or the dial-up networking connection that you want to share (that is, the one that connects to the Internet), and then, under Network Tasks, click Change settings of this connection.

3.

Disable Client for Microsoft Networks and File and Print Sharing for Microsoft Networks by clearing the check boxes shown in Figure 1. This step is extremely important. Never leave these items enabled for any network card that is directly connected to the Internet (see sitting duck, above).

Figure 1

Figure 1

4.

Click the Advanced tab, and select the Allow other network users to connect through this computer's Internet connection check box.

Figure 2

Figure 2

5.

You can enable or disable the allowing of other users to control the connection—users don't need to be able to control the connection to use it.

6.

Under Internet Connection Firewall, select the Protect my computer and network by limiting or preventing access to this computer from the Internet check box for this network card, unless you have another firewall between the computer and the Internet. This is very important.

7.

Click OK, and Internet Connection Sharing will be enabled.

Note: You must have administrative rights to enable ICS. After enabling ICS, verify that Internet connectivity is still functional on the host computer before testing the client computers. Remember to leave the host computer on all the time or turn it on before the other networked computers, so the client computers can request an IP address from the host.

Troubleshooting ICS

If you have a problem with ICS, the best place to start is the Internet Connection Sharing Troubleshooter. You start the Troubleshooter with the following steps:

1.

Click Start, and then click Help and Support.

2.

Under Pick a Help Topic, click Fixing a problem.

3.

In the left pane, click Networking problems.

4.

In the right pane, click Internet Connection Sharing Troubleshooter and follow the instructions.

The Troubleshooter can address problems such as not being able to receive e-mail on an ICS client, the client or host computer fails to dial out or dials out without notifying you, you're unable to browse the Internet from a client or host computer, or your DSL or cable modem connection is slow. However, if the Troubleshooter leaves you troubled, here are some other common problems and their solutions.

ICS Not Enabled

If you're configuring ICS manually, be sure that the internal network adapter on the host computer doesn't have Internet Connection Firewall enabled. If ICF is enabled, you'll have to disable it before configuring ICS on the external adapter. Or take the easy way and run the Network Setup Wizard, which will automatically disable ICF on home networking adapters.

Check the IP address on the external adapter to verify that it is obtaining an IP address from your ISP. Similarly, check the IP address on the internal network adapter to verify that it is 192.168.0.1. If it's not, disable ICS, and then make sure the internal adapter is configured to use DCHP. Then re-enable ICS.

Internet Connection Sharing (ICS) automates the IP numbering task for the ICS clients on your network with the Dynamic Host Configuration Protocol (DHCP) service. The DHCP service enables the ICS host computer to assign IP addresses to its clients automatically. By default, when ICS is installed, the DHCP service begins supplying addresses to computers on the network.

Cannot Print to a Network Printer after Adding ICS

After you add Internet Connection Sharing (ICS), you discover that you can't print. This can happen because ICS uses a Class C subnet with an address range of 198.168.0.x. To solve the problem, give the printer an IP address to match the subnet of the client computers.

Computers on the Network Can't Connect to the Host

As part of the process of enabling ICS, the network adapter for the internal network on the host computer is set to a fixed IP address of 192.168.0.1 and a special DHCP server is enabled on that connection.

If computers on your network can't see the ICS host, it may be because they are not enabled to use DHCP. Check to see if DHCP is enabled on the client computer:

1.

In Control Panel, click Network and Internet Connections, and then click Network Connections.

2.

Right-click the connection icon, and then click Properties.

3.

Highlight Internet Protocol (TCP/IP), and then click Properties.

4.

On the General tab, if an IP address is specified, select the option Obtain an IP address automatically.

If a client computer has DHCP enabled and still can't see the host computer, try rebooting the client. Make sure that there are no other DHCP providers on the network, such as an Internet gateway device. Any such device should be on the outside segment of the network—between the host computer and the Internet, not between the host computer and the internal network.